diff options
author | Florian Dold <florian@dold.me> | 2021-08-30 19:08:30 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2021-08-30 19:08:30 +0200 |
commit | 5d2732eb6046d44ee34e837e4bb0a66da9d93c3f (patch) | |
tree | 9dd6281a57a3d0e1974deb43297fccb06f885dea | |
parent | 32d0c73fd752d1426382bdd8b26e3b6fb3d15aeb (diff) | |
download | anastasis-5d2732eb6046d44ee34e837e4bb0a66da9d93c3f.tar.gz anastasis-5d2732eb6046d44ee34e837e4bb0a66da9d93c3f.zip |
debian: db setup
-rw-r--r-- | debian/anastasis-httpd.config | 24 | ||||
-rw-r--r-- | debian/anastasis-httpd.postinst | 2 | ||||
-rw-r--r-- | debian/anastasis-httpd.postrm | 2 | ||||
-rw-r--r-- | debian/anastasis-httpd.prerm | 2 | ||||
-rw-r--r-- | debian/changelog | 6 | ||||
-rwxr-xr-x | debian/db/install/pgsql | 99 |
6 files changed, 41 insertions, 94 deletions
diff --git a/debian/anastasis-httpd.config b/debian/anastasis-httpd.config index 7ea8a7b..97f57bc 100644 --- a/debian/anastasis-httpd.config +++ b/debian/anastasis-httpd.config | |||
@@ -7,32 +7,16 @@ set -e | |||
7 | _USERNAME=anastasis-httpd | 7 | _USERNAME=anastasis-httpd |
8 | _GROUPNAME=www-data | 8 | _GROUPNAME=www-data |
9 | 9 | ||
10 | db_input low anastasis/reconfigure-webserver || true | 10 | # For now, we only support postgres |
11 | db_go | 11 | dbc_dbtypes=pgsql |
12 | 12 | dbc_dbuser=${_USERNAME} | |
13 | # Set permissions for sqlite3 file | ||
14 | # (for when we support sqlite3 in the future) | ||
15 | dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}" | ||
16 | dbc_dbfile_perms="0600" | ||
17 | |||
18 | dbc_psql_createdb_encoding="UTF8" | ||
19 | |||
20 | # Set MySQL encoding to UTF8, just in case MySQL | ||
21 | # support is added in the future. | ||
22 | dbc_mysql_createdb_encoding="UTF8" | ||
23 | 13 | ||
24 | # Try to get it to use UNIX domain sockets, if possible. | ||
25 | # (Note: doesn't seem to do much, still uses username+PW+TCP | ||
26 | # on my system :-( dbconfig documentation sucks.). | ||
27 | dbc_authmethod_user=ident | 14 | dbc_authmethod_user=ident |
28 | dbc_authmethod_admin=ident | 15 | dbc_authmethod_admin=ident |
29 | 16 | ||
30 | dbc_dbuser=${_USERNAME} | ||
31 | |||
32 | |||
33 | if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then | 17 | if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then |
34 | . /usr/share/dbconfig-common/dpkg/config.pgsql | 18 | . /usr/share/dbconfig-common/dpkg/config.pgsql |
35 | dbc_go anastasis "$@" | 19 | dbc_go anastasis-httpd "$@" |
36 | fi | 20 | fi |
37 | 21 | ||
38 | db_stop | 22 | db_stop |
diff --git a/debian/anastasis-httpd.postinst b/debian/anastasis-httpd.postinst index e9f6d32..fe89acb 100644 --- a/debian/anastasis-httpd.postinst +++ b/debian/anastasis-httpd.postinst | |||
@@ -24,7 +24,7 @@ configure) | |||
24 | if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then | 24 | if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then |
25 | . /usr/share/dbconfig-common/dpkg/postinst.pgsql | 25 | . /usr/share/dbconfig-common/dpkg/postinst.pgsql |
26 | dbc_pgsql_createdb_encoding="UTF8" | 26 | dbc_pgsql_createdb_encoding="UTF8" |
27 | dbc_go anastasis "$@" | 27 | dbc_go anastasis-httpd "$@" |
28 | fi | 28 | fi |
29 | 29 | ||
30 | ;; | 30 | ;; |
diff --git a/debian/anastasis-httpd.postrm b/debian/anastasis-httpd.postrm index 3b707d2..9954a33 100644 --- a/debian/anastasis-httpd.postrm +++ b/debian/anastasis-httpd.postrm | |||
@@ -8,7 +8,7 @@ fi | |||
8 | 8 | ||
9 | if [ -f /usr/share/dbconfig-common/dpkg/postrm.pgsql ]; then | 9 | if [ -f /usr/share/dbconfig-common/dpkg/postrm.pgsql ]; then |
10 | . /usr/share/dbconfig-common/dpkg/postrm.pgsql | 10 | . /usr/share/dbconfig-common/dpkg/postrm.pgsql |
11 | dbc_go anastasis "$@" | 11 | dbc_go anastasis-httpd "$@" |
12 | fi | 12 | fi |
13 | 13 | ||
14 | case "${1}" in | 14 | case "${1}" in |
diff --git a/debian/anastasis-httpd.prerm b/debian/anastasis-httpd.prerm index 570b20f..24625c0 100644 --- a/debian/anastasis-httpd.prerm +++ b/debian/anastasis-httpd.prerm | |||
@@ -9,7 +9,7 @@ fi | |||
9 | 9 | ||
10 | if [ -f /usr/share/dbconfig-common/dpkg/prerm.pgsql ]; then | 10 | if [ -f /usr/share/dbconfig-common/dpkg/prerm.pgsql ]; then |
11 | . /usr/share/dbconfig-common/dpkg/prerm.pgsql | 11 | . /usr/share/dbconfig-common/dpkg/prerm.pgsql |
12 | dbc_go anastasis "$@" | 12 | dbc_go anastasis-httpd "$@" |
13 | fi | 13 | fi |
14 | 14 | ||
15 | db_stop | 15 | db_stop |
diff --git a/debian/changelog b/debian/changelog index f139e46..86fbe88 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,9 @@ | |||
1 | anastasis (0.1.0-1) unstable; urgency=low | ||
2 | |||
3 | * Debian database setup. | ||
4 | |||
5 | -- Florian Dold <florian@dold.me> Mon, 30 Aug 2021 19:08:18 +0200 | ||
6 | |||
1 | anastasis (0.1.0) unstable; urgency=low | 7 | anastasis (0.1.0) unstable; urgency=low |
2 | 8 | ||
3 | * New upstream release. | 9 | * New upstream release. |
diff --git a/debian/db/install/pgsql b/debian/db/install/pgsql index 729940d..dab5d1e 100755 --- a/debian/db/install/pgsql +++ b/debian/db/install/pgsql | |||
@@ -5,77 +5,34 @@ set -eu | |||
5 | conf_anastasis_db=/etc/anastasis/secrets/anastasis-db.secret.conf | 5 | conf_anastasis_db=/etc/anastasis/secrets/anastasis-db.secret.conf |
6 | conf_override=/etc/anastasis/override.conf | 6 | conf_override=/etc/anastasis/override.conf |
7 | 7 | ||
8 | # get database settings from dbconfig-common and configure | 8 | # Get database settings from dbconfig-common and write anastasis configuration files. |
9 | # for ADMINISTRATIVE access | 9 | if [ -f /etc/dbconfig-common/anastasis-httpd.conf ]; then |
10 | if [ -f /etc/dbconfig-common/anastasis.conf ]; then | 10 | . /etc/dbconfig-common/anastasis-httpd.conf |
11 | . /etc/dbconfig-common/anastasis.conf | 11 | case "$dbc_dbtype" in |
12 | case "$dbc_dbtype" in | 12 | pgsql) |
13 | pgsql) | 13 | echo -e "# Config file auto-generated by Debian.\n[anastasis]\nDB=postgres\n\n" > \ |
14 | anastasis-config \ | 14 | $conf_override |
15 | -c $conf_anastasis_db \ | 15 | # We assume ident auth here. We might support password auth later. |
16 | -s "stasis-postgres" \ | 16 | echo -e "[stasis-postgres]\nCONFIG=postgres:///${dbc_dbname}\n\n" > \ |
17 | -o "CONFIG" \ | 17 | $conf_anastasis_db |
18 | -V "postgres:///$dbc_dbname" | ||
19 | anastasis-config \ | ||
20 | -c $conf_override \ | ||
21 | -s "anastasis" \ | ||
22 | -o "DB" \ | ||
23 | -V "postgres" | ||
24 | ;; | ||
25 | sqlite3) | ||
26 | # Later: use something like: | ||
27 | # sqlite:///$DATA_DIR/merchant.db | ||
28 | # But for now, sqlite is unsupported: | ||
29 | echo "Unsupported database type $dbc_type." | ||
30 | exit 1 | ||
31 | ;; | ||
32 | "") | ||
33 | ;; | ||
34 | *) | ||
35 | echo "Unsupported database type $dbc_type." | ||
36 | exit 1 | ||
37 | ;; | ||
38 | esac | ||
39 | fi | ||
40 | |||
41 | # Run database initialization logic | ||
42 | sudo -u postgres anastasis-dbinit -c /etc/anastasis/anastasis.conf | ||
43 | |||
44 | 18 | ||
45 | # get database settings from dbconfig-common and configure | 19 | # Allow the taler-merchant-httpd user to create schemas, needed by dbinit |
46 | # for service access! | 20 | echo "GRANT CREATE on database \"$dbc_dbname\" to \"anastasis-httpd\";" | sudo -u postgres psql -f - |
47 | if [ -f /etc/dbconfig-common/anastasis.conf ]; then | 21 | # Run database initialization logic |
48 | . /etc/dbconfig-common/anastasis.conf | 22 | sudo -u anastasis-httpd anastasis-dbinit -c /etc/anastasis/anastasis.conf |
49 | case "$dbc_dbtype" in | 23 | ;; |
50 | pgsql) | 24 | sqlite3) |
51 | echo "GRANT INSERT, SELECT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"$dbc_dbuser\";" \ | 25 | # Later: use something like: |
52 | | sudo -u postgres psql "postgres:///$dbc_dbname" | 26 | # sqlite:///$DATA_DIR/anastasis.db |
53 | echo "GRANT SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO \"$dbc_dbuser\";" \ | 27 | # But for now, sqlite is unsupported: |
54 | | sudo -u postgres psql "postgres:///$dbc_dbname" | 28 | echo "Unsupported database type $dbc_type." |
29 | exit 1 | ||
30 | ;; | ||
31 | "") ;; | ||
55 | 32 | ||
56 | anastasis-config \ | 33 | *) |
57 | -c $conf_anastasis_db \ | 34 | echo "Unsupported database type $dbc_type." |
58 | -s "stasis-postgres" \ | 35 | exit 1 |
59 | -o "CONFIG" \ | 36 | ;; |
60 | -V "postgres://$dbc_dbuser:$dbc_dbpass@$dbc_dbserver/$dbc_dbname" | 37 | esac |
61 | anastasis-config \ | ||
62 | -c $conf_override \ | ||
63 | -s "anastasis" \ | ||
64 | -o "DB" \ | ||
65 | -V "postgres" | ||
66 | ;; | ||
67 | sqlite3) | ||
68 | # Later: use something like: | ||
69 | # sqlite:///$DATA_DIR/merchant.db | ||
70 | # But for now, sqlite is unsupported: | ||
71 | echo "Unsupported database type $dbc_type." | ||
72 | exit 1 | ||
73 | ;; | ||
74 | "") | ||
75 | ;; | ||
76 | *) | ||
77 | echo "Unsupported database type $dbc_type." | ||
78 | exit 1 | ||
79 | ;; | ||
80 | esac | ||
81 | fi | 38 | fi |